Malpedia Library

Click here to download all references as Bib-File.•

2020-12-22 ⋅ ⋅ TEAMT5 ⋅ TeamT5
macOS 用戶當心！北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶

2020-12-22 ⋅ Symantec ⋅ Threat Hunter Team
SolarWinds Attacks: Stealthy Attackers Attempted To Evade Detection
SUNBURST

2020-12-22 ⋅ AhnLab ⋅ ASEC Analysis Team
Magniber Ransomware Changed Vulnerability (CVE-2019-1367 -> CVE-2020-0968) and Attempted to Bypass Behavior Detection
Magniber

2020-12-21 ⋅ Microsoft ⋅ MSRC Team
Solorigate Resource Center
SUNBURST TEARDROP

2020-12-21 ⋅ Microsoft ⋅ Detection and Response Team (DART)
Advice for incident responders on recovery from systemic identity compromises

2020-12-21 ⋅ Bloomberg ⋅ Threat Hunter Team
SolarWinds Adviser Warned of Lax Security Years Before Hack

2020-12-18 ⋅ Trend Micro ⋅ David Fiser
TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT

2020-12-18 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-17 ⋅ ClearSky ⋅ ClearSky Research Team
Pay2Kitten: Pay2Key Ransomware - A New Campaign by Fox Kitten
Pay2Key

2020-12-16 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
中招目标首次披露：SolarWinds供应链攻击相关域名生成算法可破解！
SUNBURST

2020-12-15 ⋅ VMRay ⋅ VMRay Labs Team
Malware Analysis Spotlight – Hentai Oniichan Ransomware (Berserker Variant)

2020-12-15 ⋅ ThreatConnect ⋅ ThreatConnect Research Team
Infrastructure Research and Hunting: Boiling the Domain Ocean

2020-12-15 ⋅ Github (sophos-cybersecurity) ⋅ Sophos Cyber Security Team
solarwinds-threathunt
Cobalt Strike SUNBURST

2020-12-14 ⋅ Blueliv ⋅ Alberto Marín, Blueliv Labs Team, Carlos Rubio
Using Qiling Framework to Unpack TA505 packed samples
AndroMut Azorult Silence TinyMet

2020-12-14 ⋅ Symantec ⋅ Threat Hunter Team
Sunburst: Supply Chain Attack Targets SolarWinds Users
SUNBURST TEARDROP

2020-12-12 ⋅ Twitter (MalwareHunterTeam) ⋅ MalwareHunterTeam
Tweet on ITG18 android implant
LittleLooter

2020-12-11 ⋅ Blackberry ⋅ BlackBerry Research and Intelligence team
MountLocker Ransomware-as-a-Service Offers Double Extortion Capabilities to Affiliates
Cobalt Strike Mount Locker

2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Threat Brief: FireEye Red Team Tool Breach
Cobalt Strike

2020-12-10 ⋅ ⋅ Qianxin ⋅ Red Raindrop Team
APT model worker: A summary of the activities of the Eastern European hacker group using spear phishing emails to attack Ukraine

2020-12-10 ⋅ PICUS Security ⋅ Süleyman Özarslan
Tactics, Techniques and Procedures (TTPs) Utilized by FireEye’s Red Team Tools